<?php /* ADMIN $Id: addedituser.php,v 1.47.2.7 2007/02/10 16:40:55 caseydk Exp $ */
//add or edit a system user
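global $AppUI;

if (!defined('DP_BASE_DIR')) {
	die('You should not access this file directly');
}

// The id is spliced into SQL and into generated links below, so coerce it to
// an integer here instead of trusting the raw query-string value.
$user_id = isset($_GET['user_id']) ? intval($_GET['user_id']) : 0;

// $canEdit, $canAuthor and $perms are presumably set up by the including
// front controller before this file runs — TODO confirm against index.php.
// A new user (id 0) needs author rights; an existing one needs edit rights.
if ($user_id === 0) {
	$canEdit = $canAuthor;
}

if ($canEdit) {
	$canEdit = $perms->checkModuleItem('users', ($user_id ? 'edit' : 'add'), $user_id);
}

// user_id 1 is treated as the built-in administrator; a user may always edit
// their own record.
$isAdmin = $AppUI->user_id == 1;
$canEdit |= $isAdmin;
$canEdit |= $user_id == $AppUI->user_id;

// check permissions
if (!$canEdit && $user_id != $AppUI->user_id) {
	$AppUI->setMsg('Access denied', UI_MSG_ERROR);
	$AppUI->redirect();
}

// Create the roles class container
require_once DP_BASE_DIR.'/modules/system/roles/roles.class.php';
$perms =& $AppUI->acl();
// "=& new" is a parse error on PHP 7+; plain assignment behaves the same here.
$crole = new CRole;
$roles = $crole->getRoles();
// Format the roles for use in arraySelect
$roles_arr = array();
foreach ($roles as $role) {
	$roles_arr[$role['id']] = $role['name'];
}
$roles_arr = arrayMerge(array(0 => ''), $roles_arr);

// Load the user together with its contact, company and department rows.
$q = new DBQuery;
$q->addTable('users', 'u');
$q->addQuery('u.*');
$q->addQuery('con.*, company_id, company_name, dept_name');
$q->addJoin('contacts', 'con', 'user_contact = contact_id');
$q->addJoin('companies', 'com', 'contact_company = company_id');
$q->addJoin('departments', 'dep', 'dept_id = contact_department');
// Cast again at the point of use so this statement is safe even if $user_id
// is ever assigned from somewhere else.
$q->addWhere('u.user_id = '.(int) $user_id);
$sql = $q->prepare();
$q->clear();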

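if (!db_loadHash($sql, $user) && $user_id > 0) {
	// An explicit id that matched no row: show an error instead of the form.
	$titleBlock = new CTitleBlock('Invalid User ID');
	$titleBlock->addButton('users list', '?m=admin');
	$titleBlock->show();
} else {
	// For a new user the query returns nothing; fill in every key the template
	// reads so both the add and edit paths work without undefined-index notices.
	// Values loaded from the database take precedence over these defaults.
	$user = array_merge(array(
		'user_id'            => 0,
		'contact_id'         => 0,
		'user_username'      => '',
		'user_type'          => 0,
		'user_password'      => '',
		'user_signature'     => '',
		'contact_first_name' => '',
		'contact_last_name'  => '',
		'contact_company'    => 0,
		'contact_department' => 0,
		'contact_email'      => '',
		'dept_name'          => '',
	), is_array($user) ? $user : array());

	// pull companies (the 0 => '' entry is the "none selected" option)
	$q = new DBQuery;
	$q->addTable('companies');
	$q->addQuery('company_id, company_name');
	$q->addOrder('company_name');
	$companies = arrayMerge(array(0 => ''), $q->loadHashList());

	// setup the title block
	$ttl = $user_id > 0 ? 'Edit User' : 'Add User';
	$titleBlock = new CTitleBlock($ttl);
	if ($perms->checkModule('admin', 'view') && $perms->checkModule('users', 'view')) {
		$titleBlock->addButton('users list', '?m=admin');
	}
	$titleBlock->addCell();
	$titleBlock->show();
?>
<script language="javascript">
// Client-side checks only; the save handler (do_user_aed) must re-validate.
// Numeric limits are cast with intval() on the server so a non-numeric config
// value cannot break or alter this script.
function submitIt(){
	var form = document.editFrm;
	if (form.user_username.value.length < <?=intval(dPgetConfig('username_min_len'))?> &&
		form.user_username.value != '<?=addslashes(dPgetConfig('admin_username'))?>') {
		alert("<?=$AppUI->_('adminValidUserName', UI_OUTPUT_JS)?>" + <?=intval(dPgetConfig('username_min_len'))?>);
		form.user_username.focus();
	} else if (form.user_password.value.length < <?=intval(dPgetConfig('password_min_len'))?>) {
		alert("<?=$AppUI->_('adminValidPassword', UI_OUTPUT_JS)?>" + <?=intval(dPgetConfig('password_min_len'))?>);
		form.user_password.focus();
	} else if (form.user_password.value != form.password_check.value) {
		alert("<?=$AppUI->_('adminPasswordsDiffer', UI_OUTPUT_JS)?>");
		form.user_password.focus();
	} else if (form.contact_first_name.value.length < 1) {
		alert("<?=$AppUI->_('adminValidFirstName', UI_OUTPUT_JS)?>");
		form.contact_first_name.focus();
	} else if (form.contact_last_name.value.length < 1) {
		alert("<?=$AppUI->_('adminValidLastName', UI_OUTPUT_JS)?>");
		form.contact_last_name.focus();
	} else if (form.contact_email.value.length < 4) {
		alert("<?=$AppUI->_('adminInvalidEmail', UI_OUTPUT_JS)?>");
		form.contact_email.focus();
	} else if (form.contact_birthday && form.contact_birthday.value.length > 0) {
		// Expected format is YYYY-MM-DD; only the numeric ranges are checked here.
		var dar = form.contact_birthday.value.split("-");
		var thisYear = new Date().getFullYear();
		if (dar.length < 3) {
			alert("<?=$AppUI->_('adminInvalidBirthday', UI_OUTPUT_JS)?>");
			form.contact_birthday.focus();
		} else if (isNaN(parseInt(dar[0],10)) || isNaN(parseInt(dar[1],10)) || isNaN(parseInt(dar[2],10))) {
			alert("<?=$AppUI->_('adminInvalidBirthday', UI_OUTPUT_JS)?>");
			form.contact_birthday.focus();
		} else if (parseInt(dar[1],10) < 1 || parseInt(dar[1],10) > 12) {
			alert("<?=$AppUI->_('adminInvalidMonth', UI_OUTPUT_JS).' '.$AppUI->_('adminInvalidBirthday', UI_OUTPUT_JS)?>");
			form.contact_birthday.focus();
		} else if (parseInt(dar[2],10) < 1 || parseInt(dar[2],10) > 31) {
			alert("<?=$AppUI->_('adminInvalidDay', UI_OUTPUT_JS).' '.$AppUI->_('adminInvalidBirthday', UI_OUTPUT_JS)?>");
			form.contact_birthday.focus();
		} else if (parseInt(dar[0],10) < 1900 || parseInt(dar[0],10) > thisYear) {
			// Upper bound follows the current year instead of a fixed 2020.
			alert("<?=$AppUI->_('adminInvalidYear', UI_OUTPUT_JS).' '.$AppUI->_('adminInvalidBirthday', UI_OUTPUT_JS)?>");
			form.contact_birthday.focus();
		} else {
			form.submit();
		}
	} else {
		form.submit();
	}
}

// Opens the department picker for the currently selected company.
function doGetDepartmentList() {
	var c = $('idCompany');
	if (c.selectedIndex == 0) {
		alert('<?=$AppUI->_('Please select a company first!', UI_OUTPUT_JS)?>');
		return;
	}
	DepartmentList(c.options[c.selectedIndex].value, function() {initTree($("idDeptTree"));} ).show();
}

// Callback from the department picker: copies the chosen id/name into the form.
function doSelectDepartment(id)
{
	$('idDeptId').value = id;
	$('idDeptName').value = unescape($('idDept['+id+']').getAttribute('value'));
	$('idGlass').onclick();
}

// A department belongs to a company, so changing the company clears it.
function doChangeCompany()
{
	$('idDeptId').value = 0;
	$('idDeptName').value = '';
}

</script>
<form name="editFrm" action="index.php?m=admin" method="post">
	<input type="hidden" name="user_id" value="<?=intval($user['user_id'])?>" />
	<input type="hidden" name="contact_id" value="<?=intval($user['contact_id'])?>" />
	<input type="hidden" name="dosql" value="do_user_aed" />
	<input type="hidden" name="username_min_len" value="<?=intval(dPgetConfig('username_min_len'))?>" />
	<input type="hidden" name="password_min_len" value="<?=intval(dPgetConfig('password_min_len'))?>" />

<table width="100%" border="0" cellpadding="7" cellspacing="0">
<tr>
	<td class="tabon">User Information</td>
	<td width="100%">&nbsp;</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="7" cellspacing="0" class="infopanel">
<tr>
	<td align="left" width="100%">
	<?php if ($canEdit) { ?>
		<input type="button" value="<?=$AppUI->_('save')?>" onClick="submitIt()" class="button" />
	<?php } ?>
		<input type="button" value="<?=$AppUI->_('back')?>" onClick="javascript:history.back(-1);" class="button" />
	</td>
<?php
	// Extra buttons only for the administrator or the user editing their own
	// account; for a brand-new user offer the notification checkbox instead.
	if ($isAdmin || $user_id == $AppUI->user_id) {
		if ($user_id > 0) {
?>
	<td align="right" nowrap="nowrap">
<?php
			showButton('view this user', '?m=admin&a=viewuser&user_id='.(int) $user_id);
			showButton('edit preferences', '?m=system&a=addeditpref&user_id='.(int) $user_id);
?>&nbsp;
	</td>
<?php
		} else {
?>
	<td align="right" nowrap="nowrap">
		<label for="idSendMail"><?=$AppUI->_('Inform new user of his account details?')?></label>
	</td>
	<td><input id="idSendMail" type="checkbox" value="1" name="send_user_mail"/></td>
<?php
		}
	}
?>
</tr>
</table>
<table width="100%" border="0" cellpadding="0" cellspacing="4" class="subinfopanel">
<tr>
	<td align="right" width="150">* <?=$AppUI->_('Login Name')?></td>
	<td>
<?php
	// Stored field values originate from user input, so every value written
	// into an attribute or element body below is passed through htmlspecialchars().
	// An existing login name is shown read-only; note that "readonly" is a
	// client-side hint only and the save handler must not rely on it.
	if ($user['user_username']) {
?>
	<input type="text" class="text" name="user_username" value="<?=htmlspecialchars($user['user_username'], ENT_QUOTES)?>" readonly="readonly"
		style="width: 100px"/>
<?php
	} else {
?>
	<input type="text" class="text" name="user_username" value="<?=htmlspecialchars($user['user_username'], ENT_QUOTES)?>" maxlength="255"
		style="width: 100px"/>
<?php
	}
	// The administrator's own type (user_id 1) is not editable here.
	if ($isAdmin && $user_id != 1) {
?>
	&nbsp;<?=$AppUI->_('User Type')?>
	<?=arraySelect($utypes, 'user_type', 'style="width: 125px" class="text" size="1"', $user['user_type'], true)?>
<?php } ?>
	</td>
</tr>
<?php
	// NOTE(review): the stored user_password value (which, given maxlength=32,
	// looks like a hash) is written into both password fields so an unchanged
	// edit round-trips it. That exposes the hash to anyone who can view this
	// page's source. Dropping the value attribute requires do_user_aed to
	// accept an empty password on edit — confirm before changing it.
?>
<tr>
	<td align="right">* <?=$AppUI->_('Password')?></td>
	<td><input type="password" class="text" name="user_password" style="width: 300px" value="<?=htmlspecialchars($user['user_password'], ENT_QUOTES)?>" maxlength="32" size="32" /> </td>
</tr>
<tr>
	<td align="right">* <?=$AppUI->_('Confirm Password')?></td>
	<td><input type="password" class="text" name="password_check" style="width: 300px" value="<?=htmlspecialchars($user['user_password'], ENT_QUOTES)?>" maxlength="32" size="32" /> </td>
</tr>
<tr>
	<td align="right">* <?=$AppUI->_('Name')?></td>
	<td>
		<input type="text" class="text" name="contact_first_name" style="width: 146px" value="<?=htmlspecialchars($user['contact_first_name'], ENT_QUOTES)?>" maxlength="50"/><input type="text" class="text" name="contact_last_name" style="width: 146px" value="<?=htmlspecialchars($user['contact_last_name'], ENT_QUOTES)?>" maxlength="50"/>
	</td>
</tr>
<tr>
	<td align="right"> <?=$AppUI->_('Company')?></td>
	<td>
<?php
	// Only the administrator may move a user between companies; everyone else
	// sees the current company name read-only.
	if ($isAdmin) {
		echo arraySelect($companies, 'contact_company',
			'id="idCompany" class="text" style="width: 305px" size="1" onchange="doChangeCompany()"',
			$user['contact_company']);
	} else {
		$company_name = isset($companies[$user['contact_company']]) ? $companies[$user['contact_company']] : '';
		echo '<input type="text" style="width: 300px" value="'.htmlspecialchars($company_name, ENT_QUOTES).'" readonly="readonly">';
	}
?>
	</td>
</tr>
<tr>
	<td align="right"><?=$AppUI->_('Department')?></td>
	<td>
		<input id="idDeptId" type="hidden" name="contact_department" value="<?=intval($user['contact_department'])?>" />
		<input id="idDeptName" type="text" class="text" name="dept_name" style="width: 300px"
			value="<?=htmlspecialchars($user['dept_name'], ENT_QUOTES)?>" readonly="readonly"/>
	<?php if ($isAdmin) { ?>
		<img src="images/treetable.gif" class="ico clickable" onclick="doGetDepartmentList()"
			title="Show department list"/>
	<?php } ?>
	</td>
</tr>
<tr>
	<td align="right">* <?=$AppUI->_('Email')?></td>
	<td><input type="text" class="text" name="contact_email" style="width: 300px" value="<?=htmlspecialchars($user['contact_email'], ENT_QUOTES)?>" maxlength="255"/></td>
</tr>
<tr>
	<td align="right" valign="top"><?=$AppUI->_('Email').' '.$AppUI->_('Signature')?></td>
	<td valign="top"><textarea class="text" rows="5" name="user_signature" style="width: 300px"><?=htmlspecialchars($user['user_signature'], ENT_QUOTES)?></textarea></td>
</tr>
<?php
	// The previously HTML-commented "User Role" select and "edit contact info"
	// link were removed: the PHP inside those comments still executed and sent
	// the role list / contact id to the client while being invisible in the UI.
?>
</table>
<?php } ?>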
